<?php

class User {
    const USER_TABLE = 'user';
    const INFO_TABLE = 'user_information';
    protected $sessionExpiration = 1209600;
    protected $id;
    protected $name;
    protected $password;
    protected $permissions;
    protected $sessionHash;
    protected $realname;
    protected $discipline;

    public static function tryReviveSession() {
        if (isset($_COOKIE['ps_username']) && isset($_COOKIE['ps_hash'])) {
            $result = Dal::fetchAll("SELECT id AS Id FROM " .
                            self::USER_TABLE .
                            " WHERE Username = '{$_COOKIE['ps_username']}' " .
                            "AND SessionHash ='{$_COOKIE['ps_hash']}'");
            if (count($result) == 1) {
                $_SESSION['user'] = new User();
                $_SESSION['user']->load($result[0]['Id']);
                return true;
            }
        }
        return false;
    }

    public function load($id) {
        $sql = "SELECT U.*, UI.* FROM " . self::USER_TABLE .
        " U INNER JOIN " . self::INFO_TABLE . " UI ON UI.UserId = U.Id WHERE U.Id = {$id} " ;
        $result = Dal::fetchAll($sql);
        if (count($result) == 1) {
            $this->id = $result[0]['Id'];
            $this->name = $result[0]['Username'];
            $this->password = $result[0]['Password'];
            $this->permissions = $result[0]['Permissions'];
            $this->sessionHash = $result[0]['SessionHash'];
            $this->realname = $result[0]['Name'];
            return true;

            
        }
        return false;
    }

    public function login($username, $password, $persistent) {

        $encrypted = md5($password);
        $username = mysql_real_escape_string($username);

        $sql = "SELECT Id FROM " . self::USER_TABLE . " WHERE Username='$username' and Password='$encrypted'";
        $result = Dal::fetchAll($sql);
        if (count($result) == 1) {
            if (!$this->load($result[0]['Id'])) {
                return false;
            }

            if ($persistent) {
                $this->sessionHash = md5(time() . $this->name);
                Dal::update("UPDATE " . self::USER_TABLE . " SET SessionHash = '{$this->sessionHash}' WHERE Id = {$this->id};");
                setcookie("ps_username", $this->name, time() + $this->sessionExpiration);
                setcookie("ps_hash", $this->sessionHash, time() + $this->sessionExpiration);
            } else {
                $this->sessionHash = null;
                Dal::update("UPDATE " . self::USER_TABLE . " SET SessionHash = NULL WHERE Id = {$this->id};");
                setcookie("ps_username", null, 0);
                setcookie("ps_hash", null, 0);
            }
            return true;
        } else {
            return false;
        }
    }

    public static function logout() {
        Dal::update("UPDATE " . self::USER_TABLE . " SET SessionHash = NULL WHERE Id = {$_SESSION['user']->id};");
        setcookie("ps_username", null, 0);
        setcookie("ps_hash", null, 0);
        $_SESSION['user'] = null;
    }

    public function getPermissions() {
        return explode(',', $this->permissions);
    }

    public function getRealName() {
        return $this->name;
    }

    public function getId(){
        return $this->id;
    }
}

?>